Article

How biometric identifiers could finally spell the end for the password

Despite long being a bugbear for technology users, passwords have remained the main way to provide secure access. But a number of developments mean biometric technology may finally takeover.

By Jo Best

Wed 15 Aug 2018 @ 10:09

There can't be many people who, when trying to recall that oh-so-memorable combination of mother's maiden name, first pet and important date, hasn’t wished for the end of the password. Yet, decades after passwords were first used to lock down computer systems – and nearly 15 years after Bill Gates predicted their death – passwords are still with us.

There are thought to be over 90 billion passwords in use, a figure that's predicted to rise to 300 billion by the end of the decade. Given how universally loathed passwords appear to be, why are they still impossible to escape? One explanation is that, by and large, they work.

Passwords are cheap to create and use, and most people avoid forgetting the passwords to their most important services (and if they do, the recovery process is generally successful, if occasionally irritating). In short, the password refuses to die simply because there hasn't been a better alternative.

That is, until now. The rise in consumers' use of biometric technology could finally spell the end of the password. From voice to fingerprint to iris and facial recognition, biometrics provide a virtually cast-iron way of identifying a user that, unlike passwords, is unique to one person, can't be lost or forgotten. Reuse isn't a problem either – you only have one set of fingerprints, after all, and you can't share them with anyone else.

Given biometrics have been touted as a potential successor to passwords almost since the first unfortunate computer user was forced to create an alphanumeric combination, why are biometrics finally poised to do away with the password once and for all?

As biometrics are often simpler to use than passwords, and don't come with the same level of hassle – no one will be asking you to change your iris every six months – it's perhaps no surprise that consumers say biometrics are their preferred alternative to passwords.

As consumers have become more comfortable with the idea of using biometrics, so security companies and tech vendors have become increasingly keen to offer them. Not just because they want to satisfy consumer demand, but also because biometrics can get around some of the poor security practices that dog password use.

Using easily-guessable passwords, reusing passwords, or writing passwords down, are all practices that many users are guilty of, but issues that effectively disappear with biometrics.

A number of factors have come together to ensure that biometrics' star is rising.

The first is that phone and tablet manufacturers have increasingly been adding biometric readers to their hardware, giving growing numbers of consumers the ability to confirm their identity with their faces or fingerprints.

While laptops carrying fingerprint readers have been around since the early 2000s, the decision by companies such as Apple and Samsung to put them into smartphones has massively increased their reach.

The inclusion of biometric readers in smartphones has had a positive halo effect. As more and more phones come equipped with readers, so the price of the readers has come down – a virtuous circle that has seen them included in ever lower-cost devices, and so become accessible to a greater cross section of users.

Similarly, as interest in biometrics has grown, so standards and cross-industry initiatives around them have matured, encouraging the spread of biometric security still further.

After decades of struggling to remember just whether the special character or upper-case letter came first, the time for passwords may finally be coming to an end. Biometrics, by contrast, is a technology whose time appears to have come.